Smartphones promise to play an important role in the management and control of Home Automation (HA) solutions. When things and devices have either no or a constrained user interface (UI), the phone’s display becomes more and more relevant to managing devices. Additionally, new capabilities for biometric authentication to the phone such as Apple’s Touch ID will help secure these management features.

Apple’s recent announcement of their HA framework HomeKit in iOS 8 positions the user’s iPhone or iPad as the control point for the home’s devices (at least those that are HomeKit compatible). Using an iPhone to manage and control devices to some extent mitigates the current lack of interoperability between different HA platforms - who needs a standard when Apple can define their own protocol and expect hardware manufacturers to adhere to it (de jure versus de facto).

For consumers, seeing the ‘iPhone compatible’ logo on the smart lock they are considering purchasing will likely assuage any fears of setup and configuration and so HomeKit may well kick start the HA space for the mass market.

Apple has yet to release the full details of HomeKit, but the expectation is that the iPhone will communicate to the devices using BLE (peer-to-peer) or Wi-Fi (if on same network). The assumption that the phone is actually in the household highlights a fundamental challenge with the idea of using a phone as the controller - what do the devices do when the controller is not inside the house to direct them? Sit around twiddling their rhetorical thumbs waiting patiently?

Related, in its press for HomeKit, Apple uses the example of being able to tell Siri to ‘turn on the lights in the living room.’ Contrast this with the house and its devices working out when to turn on/off the living room lights - either through Nest style learning or explicit rules defined by the homeowner. (To be fair the HomeKit documentation does refer to triggers, these may well be a hook that would enable a ‘if event [X] then action [Y]’ sort of logic.)

Taken together, HomeKit’s seeming presumption of 1) ‘user in the house’ and 2) ‘user initiates actions’ creates a relatively ‘manual’ HA model - and enabling a set of use cases that might collectively be characterized as ‘I’m too lazy to get off the couch.’

The full value of HA will never be realized if the expectation is that we the user, must be directly involved in every interaction our things (our thermostats, our toasters, our TVs) perform. HA is more than a ‘universal remote’. Our things must be able to act on our behalf, whether or not we actively initiate the operation or even are physically present in the house. And of course, critically, ‘on our behalf’ implies that we stay in control throughout the various stages of the thing’s lifecycle - initial setup, ongoing operation, and eventual powering down and recycling.

This requirement, that computing devices be authorized and empowered to act on behalf of specific human users in ways that are consistent with the user’s wishes is not new - a relatively recent manifestation is how one online provider is able to query and manipulate our data maintained by some other online provider. For instance, a financial aggregator pulling my banking and investment information together for analysis, or a homeowner sharing their hydro consumption data with a third-party for tips on how to save.

Spotlight

(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. Learn about personal data bankruptcy and the cost of privacy, security and compliance, delivering digital security to a mobile world, and much more.

As ISPs, hosting providers and online enterprises around the world continue suffering the effects of DDoS attacks, often the discussions that follow are, “What is the best way to defend our networks and our customers against an attack?”

The code redirects visitors to another URL where the Fiesta exploit kit is hosted, which then tries to detect and exploit several vulnerabilities in various software. If it succeeds, the visitors are saddled with a banking Trojan.

Looking for an Android-based tablet for your child but don't know which one to choose? If you are concerned about the device's protection against random hackers, Bluebox Security has just released a review of the nine most popular Android tablet models aimed specifically at children.